naftiko: 1.0.0-alpha2 info: label: Automation Anywhere Control Room API — Authentication description: 'Automation Anywhere Control Room API — Authentication. 3 operations. Lead operation: Logout and invalidate JWT. Self-contained Naftiko capability covering one Automation Anywhere business surface.' tags: - Automation Anywhere - Authentication created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: AUTOMATION_ANYWHERE_API_KEY: AUTOMATION_ANYWHERE_API_KEY capability: consumes: - type: http namespace: control-room-authentication baseUri: https://{controlRoomUrl} description: Automation Anywhere Control Room API — Authentication business capability. Self-contained, no shared references. resources: - name: v1-authentication-logout path: /v1/authentication/logout operations: - name: logout method: POST description: Logout and invalidate JWT outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-authentication-token path: /v1/authentication/token operations: - name: validatetoken method: GET description: Validate a JWT token outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v2-authentication path: /v2/authentication operations: - name: authenticate method: POST description: Authenticate and generate JWT outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true authentication: type: bearer token: '{{env.AUTOMATION_ANYWHERE_API_KEY}}' exposes: - type: rest namespace: control-room-authentication-rest port: 8080 description: REST adapter for Automation Anywhere Control Room API — Authentication. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/v1/authentication/logout name: v1-authentication-logout description: REST surface for v1-authentication-logout. operations: - method: POST name: logout description: Logout and invalidate JWT call: control-room-authentication.logout outputParameters: - type: object mapping: $. - path: /v1/v1/authentication/token name: v1-authentication-token description: REST surface for v1-authentication-token. operations: - method: GET name: validatetoken description: Validate a JWT token call: control-room-authentication.validatetoken outputParameters: - type: object mapping: $. - path: /v1/v2/authentication name: v2-authentication description: REST surface for v2-authentication. operations: - method: POST name: authenticate description: Authenticate and generate JWT call: control-room-authentication.authenticate with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: control-room-authentication-mcp port: 9090 transport: http description: MCP adapter for Automation Anywhere Control Room API — Authentication. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: logout-and-invalidate-jwt description: Logout and invalidate JWT hints: readOnly: true destructive: false idempotent: false call: control-room-authentication.logout outputParameters: - type: object mapping: $. - name: validate-jwt-token description: Validate a JWT token hints: readOnly: true destructive: false idempotent: true call: control-room-authentication.validatetoken outputParameters: - type: object mapping: $. - name: authenticate-and-generate-jwt description: Authenticate and generate JWT hints: readOnly: false destructive: false idempotent: false call: control-room-authentication.authenticate with: body: tools.body outputParameters: - type: object mapping: $.